Solved: Re: "Failed to open session to passthru server" af...

hoomanv · ‎29 Apr 2020

Hello,

We have been using alfresco community 5.2 edition with passthru authentication (Single Sign On) via windows server 2008 R2 without any issues. After upgrading to windows server 2019, passthru authentication fails with this exception.

org.alfresco.repo.security.authentication.AuthenticationException: 03291074 Failed to open session to passthru server
        at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticatePassthru(NTLMAuthenticationComponentImpl.java:810)
        at org.alfresco.repo.security.authentication.ntlm.NTLMAuthenticationComponentImpl.authenticate(NTLMAuthenticationComponentImpl.java:570)
        at sun.reflect.GeneratedMethodAccessor635.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
        at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
        at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
        at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at com.sun.proxy.$Proxy132.authenticate(Unknown Source)
        at org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter.processType1(BaseNTLMAuthenticationFilter.java:401)
        at org.alfresco.repo.webdav.auth.BaseNTLMAuthenticationFilter.authenticateRequest(BaseNTLMAuthenticationFilter.java:303)
        at org.alfresco.repo.webdav.auth.BaseSSOAuthenticationFilter.doFilter(BaseSSOAuthenticationFilter.java:195)
        at sun.reflect.GeneratedMethodAccessor633.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.alfresco.repo.management.subsystems.ChainingSubsystemProxyFactory$1.invoke(ChainingSubsystemProxyFactory.java:119)
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
        at com.sun.proxy.$Proxy218.doFilter(Unknown Source)
        at org.alfresco.repo.web.filter.beans.BeanProxyFilter.doFilter(BeanProxyFilter.java:89)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:743)
        at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:485)
        at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:410)
        at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337)
        at org.apache.jsp.index_jsp._jspService(index_jsp.java:100)
        at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
        at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
        at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
        at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
        at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.doRun(AprEndpoint.java:2549)
        at org.apache.tomcat.util.net.AprEndpoint$SocketProcessor.run(AprEndpoint.java:2538)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.lang.Thread.run(Thread.java:748)

hoomanv · ‎29 Apr 2020

Fixed by installing SMB 1.0/CIFS File Sharing Support

View solution in original post

angelborroy · ‎29 Apr 2020

Windows 2019 support is only available in Alfresco 6.2.

Hyland Developer Evangelist

hoomanv · ‎29 Apr 2020

Alfresco is setup up on a CentOs machine and is configured to use Passthru authentication with our windows domain.

Users can login to Alfresco web interface with their windows accounts, that means LDAP authentication is fine.

But mapped drives to AOS are broken since the upgrade from Windows server 2008 to 2019.

hoomanv · ‎29 Apr 2020

I have not touched anything in alfresco-global.properties. Here's the configuration that used to be working

cifs.enabled=false
cifs.tcpipSMB.port=1445
cifs.netBIOSSMB.sessionPort=1139
cifs.netBIOSSMB.namePort=1137
cifs.netBIOSSMB.datagramPort=1138

authentication.chain=passthru1:passthru,ldap1:ldap-ad,alfrescoNtlm1:alfrescoNtlm

synchronization.autoCreatePeopleOnLogin=false

ntlm.authentication.sso.enabled=true
ntlm.authentication.mapUnknownUserToGuest=false

passthru.authentication.useLocalServer=false
passthru.authentication.domain=
passthru.authentication.servers=dc1.mycompany.com,dc2.mycompany.com

ldap.authentication.active=true
ldap.authentication.allowGuestLogin=false
ldap.authentication.userNameFormat=%s@mycompany.com
ldap.authentication.java.naming.provider.url=ldap://dc1.mycompany.com:389

ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=ldap_user@mycompany.com
ldap.synchronization.java.naming.security.credentials=password
ldap.synchronization.groupSearchBase=ou\=Users,dc\=mycompany,dc\=com
ldap.synchronization.userSearchBase=ou\=Users,dc\=mycompany,dc\=com

hoomanv · ‎29 Apr 2020

Does it have to do anything with SMB 1.0/CIFS File Sharing Support? This feature is not installed by default on Windows server 2019

EddieMay · ‎29 Apr 2020

Hi @hoomanv,

Windows 2019 support in 6.2 is actually a work in progress.

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!

hoomanv · ‎29 Apr 2020

Well I'm still on 5.2, not 6.2

I'm not sure if microsoft has decided to drop NTLMv1 authentication on Windows server 2019, otherwise there is nothing I can think of that is preventing NTLM/Passthru authentication to work

hoomanv · ‎29 Apr 2020

Fixed by installing SMB 1.0/CIFS File Sharing Support

EddieMay · ‎29 Apr 2020

Hi @hoomanv,

Great news that you resolved it - & thanks for reporting how, very useful to other users.

Cheers,

Digital Community Manager, Alfresco Software.
Problem solved? Click Accept as Solution!

"Failed to open session to passthru server" after upgrading to windows server 2019

"Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

"Failed to open session to passthru server" after upgrading to windows server 2019

"Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

Re: "Failed to open session to passthru server" after upgrading to windows server 2019

We use cookies on this site to enhance your user experience